CVE-2022-42169: n/a in n/a
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter.
AI Analysis
Technical Summary
CVE-2022-42169 is a critical stack overflow vulnerability identified in the Tenda AC10 router firmware version V15.03.06.23. The vulnerability exists in the handling of requests to the /goform/addWifiMacFilter endpoint. A stack overflow occurs when the application writes more data to a buffer located on the stack than what is allocated, potentially overwriting adjacent memory. This can lead to arbitrary code execution, denial of service, or system compromise. The vulnerability has a CVSS 3.1 base score of 9.8, indicating a critical severity level. The vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H indicates that the vulnerability is remotely exploitable over the network without any privileges or user interaction, and it impacts confidentiality, integrity, and availability to a high degree. The CWE identifier CWE-787 confirms this is a classic stack-based buffer overflow issue. No patches or fixes are currently linked, and there are no known exploits in the wild at the time of publication. However, given the critical nature and ease of exploitation, it poses a significant risk to affected devices. The Tenda AC10 is a consumer-grade wireless router commonly used in home and small office environments. Exploitation could allow attackers to take full control of the device, intercept or manipulate network traffic, or pivot into internal networks.
Potential Impact
For European organizations, especially small businesses and home offices relying on Tenda AC10 routers, this vulnerability presents a severe risk. Compromise of these routers could lead to unauthorized access to internal networks, interception of sensitive communications, and disruption of network availability. Given the router’s role as a gateway device, attackers could deploy man-in-the-middle attacks, inject malicious payloads, or establish persistent footholds. This is particularly concerning for organizations handling personal data under GDPR, as breaches could lead to regulatory penalties and reputational damage. The lack of authentication and user interaction requirements lowers the barrier for attackers, increasing the likelihood of exploitation. Additionally, the widespread use of such consumer-grade devices in European households and small enterprises amplifies the potential attack surface. Although no known exploits are currently reported, the critical CVSS score and vulnerability type suggest that threat actors may develop exploits rapidly.
Mitigation Recommendations
1. Immediate mitigation should include isolating Tenda AC10 devices from critical network segments to limit potential lateral movement if compromised. 2. Network administrators should monitor network traffic for unusual activity originating from or targeting these routers, including unexpected outbound connections or anomalous DNS queries. 3. Where possible, replace affected Tenda AC10 routers with devices from vendors with active security support and timely patching. 4. If replacement is not feasible, implement strict firewall rules to restrict access to the router’s management interfaces, especially blocking external WAN access to the /goform/addWifiMacFilter endpoint. 5. Regularly check for firmware updates from Tenda and apply them promptly once available. 6. Employ network segmentation and zero-trust principles to minimize the impact of any compromised device. 7. Educate users about the risks of using outdated or unsupported network hardware. 8. Consider deploying intrusion detection/prevention systems (IDS/IPS) tuned to detect exploitation attempts targeting this vulnerability.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Belgium
CVE-2022-42169: n/a in n/a
Description
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter.
AI-Powered Analysis
Technical Analysis
CVE-2022-42169 is a critical stack overflow vulnerability identified in the Tenda AC10 router firmware version V15.03.06.23. The vulnerability exists in the handling of requests to the /goform/addWifiMacFilter endpoint. A stack overflow occurs when the application writes more data to a buffer located on the stack than what is allocated, potentially overwriting adjacent memory. This can lead to arbitrary code execution, denial of service, or system compromise. The vulnerability has a CVSS 3.1 base score of 9.8, indicating a critical severity level. The vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H indicates that the vulnerability is remotely exploitable over the network without any privileges or user interaction, and it impacts confidentiality, integrity, and availability to a high degree. The CWE identifier CWE-787 confirms this is a classic stack-based buffer overflow issue. No patches or fixes are currently linked, and there are no known exploits in the wild at the time of publication. However, given the critical nature and ease of exploitation, it poses a significant risk to affected devices. The Tenda AC10 is a consumer-grade wireless router commonly used in home and small office environments. Exploitation could allow attackers to take full control of the device, intercept or manipulate network traffic, or pivot into internal networks.
Potential Impact
For European organizations, especially small businesses and home offices relying on Tenda AC10 routers, this vulnerability presents a severe risk. Compromise of these routers could lead to unauthorized access to internal networks, interception of sensitive communications, and disruption of network availability. Given the router’s role as a gateway device, attackers could deploy man-in-the-middle attacks, inject malicious payloads, or establish persistent footholds. This is particularly concerning for organizations handling personal data under GDPR, as breaches could lead to regulatory penalties and reputational damage. The lack of authentication and user interaction requirements lowers the barrier for attackers, increasing the likelihood of exploitation. Additionally, the widespread use of such consumer-grade devices in European households and small enterprises amplifies the potential attack surface. Although no known exploits are currently reported, the critical CVSS score and vulnerability type suggest that threat actors may develop exploits rapidly.
Mitigation Recommendations
1. Immediate mitigation should include isolating Tenda AC10 devices from critical network segments to limit potential lateral movement if compromised. 2. Network administrators should monitor network traffic for unusual activity originating from or targeting these routers, including unexpected outbound connections or anomalous DNS queries. 3. Where possible, replace affected Tenda AC10 routers with devices from vendors with active security support and timely patching. 4. If replacement is not feasible, implement strict firewall rules to restrict access to the router’s management interfaces, especially blocking external WAN access to the /goform/addWifiMacFilter endpoint. 5. Regularly check for firmware updates from Tenda and apply them promptly once available. 6. Employ network segmentation and zero-trust principles to minimize the impact of any compromised device. 7. Educate users about the risks of using outdated or unsupported network hardware. 8. Consider deploying intrusion detection/prevention systems (IDS/IPS) tuned to detect exploitation attempts targeting this vulnerability.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2022-10-03T00:00:00.000Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682cd0fb1484d88663aec54d
Added to database: 5/20/2025, 6:59:07 PM
Last enriched: 7/6/2025, 9:40:01 AM
Last updated: 8/16/2025, 11:07:21 AM
Views: 15
Related Threats
CVE-2025-3495: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Delta Electronics COMMGR
CriticalCVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server
HighCVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.